From c5799618997716288169b6fbcd1251f76788cd49 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Sun, 25 Nov 2007 17:34:19 +0000
Subject: Fixed some potential security risks + updatedd changelog

---
 program/steps/mail/show.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'program/steps/mail/show.inc')

diff --git a/program/steps/mail/show.inc b/program/steps/mail/show.inc
index e25da03a6..4dcdec362 100644
--- a/program/steps/mail/show.inc
+++ b/program/steps/mail/show.inc
@@ -57,7 +57,7 @@ if ($_GET['_uid'])
   if ($MESSAGE['structure'] = $IMAP->get_structure($MESSAGE['UID']))
     list($MESSAGE['parts'], $MESSAGE['attachments']) = rcmail_parse_message(
       $MESSAGE['structure'],
-      array('safe' => (bool)$_GET['_safe'],
+      array('safe' => intval($_GET['_safe']),
             'prefer_html' => $CONFIG['prefer_html'],
             'get_url' => $GET_URL.'&_part=%s')
       );
@@ -71,7 +71,7 @@ if ($_GET['_uid'])
 
   // give message uid to the client
   $OUTPUT->set_env('uid', $MESSAGE['UID']);
-  $OUTPUT->set_env('safemode', (bool)$_GET['_safe']);
+  $OUTPUT->set_env('safemode', intval($_GET['_safe']));
 
   $next = $prev = -1;
   // get previous, first, next and last message UID
-- 
cgit v1.2.3